<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<meta name="keywords" content="SecuLution online documentation, web online help, web help" />
<meta http-equiv="Content-Style-Type" content="text/css" />
<link rel=stylesheet href="default.css" type="text/css" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

 <TITLE>SecuLution Dokumentation - configure automated tasks</TITLE>
<STYLE type="text/css">
.t0i { font-family: Tahoma, Verdana; font-size: 11px; color: #000000; text-decoration: none } 
  .i0tab { border: 0; border-collapse: collapse; }
  .i0ind { border: 0; Height: 16px }
</STYLE>
</HEAD>
<BODY bgcolor="white" style="margin: 0; border: none; padding: 0px">
<!-- !chm2web! -->
   
<TABLE bgcolor="white" width="100%" border="0" cellpadding="3">
 <TR>
  <TD align="left" width="100" nowrap>
   <a href="http://www.seculution.com" target="_top">Home</a> &nbsp;&nbsp;
  </TD>
  <TD align="center"  nowrap>
   <b><font size="3pt" color="black">SecuLution Dokumentation</font></b>
  </TD>
  <TD align="right" width="120" nowrap>
   <a href="configuration_agent.htm">Zurück</a>
   <a href="import_trusted_applications.htm">Vor</a>
  </TD>
 </TR>
</TABLE>
<TABLE width="100%" border="1" cellpadding="5">
<TR valign="top">
  <TD width="200" bgcolor="white" nowrap><table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="welcome.htm" ><span      >Willkommen</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="principle.htm" ><span      >SecuLution Technik und Terminologie</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Schnellstart</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="quickstart_test_setup.htm" ><span      >Testinstallation in 30 Minuten</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="best_practice_everyday.htm" ><span      >Vorgehen im Alltag</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="quickstart_full_setup.htm" ><span      >Vollinstallation und Integration in 5 Stunden</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Installation der Komponenten</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="server_appliance_installation.htm" ><span      >Installation der Appliance</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="adminwizard_installation.htm" ><span      >AdminWizard Installation</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="agent_installation.htm" ><span      >Agent Installation</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="syslog_server_installation.htm" ><span       >Syslog Server Installation</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Erstkonfiguration</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="configure_basic_settings.htm" ><span       >Grundeinstellungen vornehmen</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="configuration_agent.htm" ><span       >Agent Konfiguration</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="schedule_tasks.htm" ><span class="chitemsel" >Aufgaben automatisieren</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Verwaltung der Positivliste</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Erste Erstellung einer Positivliste</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="import_trusted_applications.htm" ><span       >Musterrechner importieren</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="lernmode.htm" ><span       >Lernmodus</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="check_deployment.htm" ><span       >Ausrollen der Agents prüfen</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="audit.htm" ><span       >Audit / Prüfung der gelernten Hashes</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Zur Positivliste hinzufügen</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="dragndrop.htm" ><span       >Drag'n'drop</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="individual_lernmode.htm" ><span       >Individueller Lernmodus</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="import_from_directory.htm" ><span       >Aus Verzeichnis importieren</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="plu.htm" ><span       >Ständiger Lernbenutzer / PLU</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="log_alarms.htm" ><span       >Log Alarme</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Positivliste bereinigen</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="manually_delete_orphaned.htm" ><span       >Manuell ungenutzte Hashes entfernen</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="delete_from_pattern.htm" ><span       >Hashes nach einem Muster entfernen</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="ruleset.htm" ><span       >Klassifizierungen aufräumen</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Aktionen</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="actions.htm" ><span       >Aktionen</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="valid_for.htm" ><span       >Regel auf Objekte beziehen</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Offline Modus</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="offline_mode.htm" ><span       >Offline Modus</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Geräte</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="usb_device_management.htm" ><span       >USB Geräte Management</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="usb_device_encryption.htm" ><span       >USB Geräte Verschlüsselung</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Ausrollen der Agents (RCM)</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="setup_rcm.htm" ><span       >Ausrollen der Agents (RemoteClientManagement)</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>ArpWatch</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="arpwatch.htm" ><span       >ArpWatch</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Logs</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="logs.htm" ><span       >Logs</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="faq.htm" ><span       >FAQ</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="setup.ini.htm" ><span       >setup.ini</span></a></td>
</tr></table></TD>
  <TD bgcolor="white">
  
<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<h1>Aufgaben automatisieren</h1>
Die meisten Aufgaben, die Sie normalerweise manuell in der GUI des
AdminWizards durchführen, können in Scripten automatisiert werden.
Eine detaillierte Beschreibung, wie die Befehlszeilenargumente für
den Admin Wizard in einem Script verwendet werden können, kann in
der Datei "example-script.bat"&nbsp; im AdminWizards Ordner
gefunden werden.
<ul>
<li>Navigieren Sie zum Verzeichnis, in dem der AdminWizard
installiert ist ("C:\Program Files
(x86)\SecuLution\AdminWizard")</li>

<li>Kopieren Sie die Datei "expample-script.bat" in eine neue Datei
(z.B. "nachts.bat")</li>

<li>Bearbeiten Sie die "nachts.bat" nach Ihren Bedürfnissen</li>

<li>Starten Sie den AdminWizard im GUI mode</li>

<li>Wählen Sie im Menü "Extra/Scripting/Passwort in der Registry
speichern" aus</li>

<li>Wählen Sie im Menü "Extra/Directories/MS-Active_Directory/Jetzt
updaten"</li>

<li>Zum WSUS import stellen Sie sicher, dass die Option
"Updatedateien auf diesen Server nur herunterladen, wenn Updates
genehmigt sind" ausgeschaltet ist (WSUS Konfiguration,
"Updatedateien und -sprachen"):<br>
<img alt="" src="i/001151.png"></li>

<li>Starten Sie die Windows Aufgabenplanung</li>

<li>Erstellen Sie eine Aufgabe, in der das Script "C:\Program Files
(x86)\SecuLution\SecuSurf-Admin-Wizard\nachts.bat" ausgeführt wird
(mindestens 90 Minuten nach WSUS Synchronisationszeitpunkt)</li>

<li>Setzen Sie die Option "Starten in" auf das Verzeichnis des
AdminWizards ("C:\Program Files (x86)\SecuLution\AdminWizard" -
OHNE Anführungszeichen(!) )</li>

<li>Der Aufgabenplaner benötigt in der Zeile "Programm/Script" den
vollen Pfad mit umschließenden Anführungszeichen, da der Pfad
Leerzeichen enthalten könnte. Anders die Zeile "Starten in
(optional)"! Hier darf - trotz eventueller Leerzeichen im Pfad -
kein Anführungszeichen verwendet werden.</li>
</ul>
<img title="Scheduler" alt="Scheduler" src="i/000705.png"><br>
<br>
Entfernen Sie das "REM" vor dem Setzen der Variable "logfile" um
eine Logdatei mit den Ergebnissen Ihrer Scriptfunktion zu
protokollieren.<br>
<span style="font-family: Courier New,Courier,monospace;"><br>
</span><br>

<hr>

<p>Example-Script.bat, aus dem AdminWizard
Installations-Verzeichnis:</p>

<p><br>
</p>
<span style="font-family: Courier New,Courier,monospace;">@echo
off<br>
<br>
rem
############################################################<br>
rem Example script to run the SecuSurf-AdminWizard in batch
mode<br>
rem
############################################################<br>
<br>
rem IMPORTANT IMPORTANT IMPORTANT IMPORTANT IMPORTANT IMPORTANT<br>
rem IMPORTANT IMPORTANT IMPORTANT IMPORTANT IMPORTANT IMPORTANT<br>
rem IMPORTANT IMPORTANT IMPORTANT IMPORTANT IMPORTANT IMPORTANT<br>
<br>
rem Some features require configuration which are made in the<br>
rem SecuLution AdminWizard running in GUI mode! !!!READ THIS!!!<br>
<br>
rem ##### THIS FILE WILL BE OVERWRITTEN
########################<br>
rem Please copy this file to a new name since this example<br>
rem script will be overwritten with new updates. Then<br>
rem edit the new file and configure the options as desired!<br>
<br>
rem ##### LOGIN PASSWORD REQUIRED
##############################<br>
rem The AdminWizard needs a password to login to the SecuLution<br>
rem appliance. To stored the password encrypted in the registry<br>
rem start the AdminWizard into GUI mode, login, select menu<br>
rem Extra/Scripting/store password in registry<br>
<br>
rem ##### WSUS IMPORT
##########################################<br>
rem Because unpacking hotfix files for XP and Windows 2003 may<br>
rem require the execution of these files, it is recommended to<br>
rem run this script as administrator with high privileges and<br>
rem UAC turned off.<br>
<br>
rem ##### LDAP ROOT REQUIRED
###################################<br>
rem In order to replicate objects from your ActiveDirectory the<br>
rem AdminWizard needs to know the LDAP root to use. This will
be<br>
rem configured upon first start of the replication process in
in<br>
rem GUI mode. Start the AdminWizard and select the menu<br>
rem Extra/Directories/MS-Active-Directory/update now<br>
<br>
rem
############################################################<br>
rem #### END OF IMPORTANT REQUIREMENTS
#########################<br>
rem
############################################################<br>
<br>
<br>
<br>
rem
############################################################<br>
rem #### VARIABLES #########################<br>
rem
############################################################<br>
<br>
rem if %logfile% is not defined, no logs will be written<br>
rem set logfile=D:\Logs\SecuLution-Script-logfile.txt<br>
<br>
rem usage of a sample computer is recommended<br>
rem set masterimage=nameofsamplecomputer<br>
<br>
rem Convert German date notation dd.mm.yyyy to ISO date
yyyy-mm-dd<br>
for /f "delims=. tokens=1,2,3" %%a in ('echo %date%') do set
isodate=%%c-%%b-%%a<br>
<br>
rem
############################################################<br>
rem #### END OF VARIABLES #########################<br>
rem
############################################################<br>
<br>
<br>
rem
############################################################<br>
rem Recommended configuration<br>
rem remove "rem" from all required "call" and "start" lines<br>
rem
############################################################<br>
<br>
rem make sure no remaining instance is running<br>
rem recommended without modification<br>
rem call:messageoutput "terminate"<br>
rem start /w SecuSurfAdminWizard.exe -terminate<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem delete unneeded WSUS entries to keep ruleset small<br>
rem recommended without modification<br>
rem call:messageoutput "deleteoldwsusentries"<br>
rem start /w SecuSurfAdminWizard.exe -deleteoldwsusentries 60<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem delete orphaned entries to keep ruleset small<br>
rem recommended without modification<br>
rem call:messageoutput "deleteoldentries"<br>
rem start /w SecuSurfAdminWizard.exe -deleteoldentries 180<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem import new files from trusted path (if applicable)<br>
rem see details below, configure path<br>
rem call:messageoutput "importdir"<br>
rem start /w SecuSurfAdminWizard.exe -importdir
"\\%masterimage%\c$\"
"scriptmode;-importdir;%masterimage%;%isodate%"<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem import and expand (msi/zip/rar/...) files from trusted path<br>
rem see details below, configure path<br>
rem call:messageoutput "importexpand"<br>
rem start /w SecuSurfAdminWizard.exe -importexpand y:\Software\<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem import and expand (msi/zip/rar/...) ONE file<br>
rem see details below, configure path<br>
rem call:messageoutput "importexpandfile"<br>
rem start /w SecuSurfAdminWizard.exe -importexpandfile
y:\download\setup.exe<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem import and expand (msi/zip/rar/...) new or changed files from
trusted path<br>
rem see details below, configure path<br>
rem call:messageoutput "importifchanged"<br>
rem start /w SecuSurfAdminWizard.exe -importifchanged
y:\Software\<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem import new WSUS entries<br>
rem see details below, configure path<br>
rem call:messageoutput "wsus"<br>
rem start /w SecuSurfAdminWizard.exe -wsus d:\wsus\wsuscontent\<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem import ActiveDirectory objects Groups, Computers and Users<br>
rem recommended without modification<br>
rem call:messageoutput "updatead"<br>
rem start /w SecuSurfAdminWizard.exe -updatead<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem save and create backup of SecuSurf database<br>
rem recommended, configure path<br>
rem call:messageoutput "exportruleset"<br>
rem start /w SecuSurfAdminWizard.exe -exportruleset
d:\backups\SecuSurf-Backup-%isodate%.ssf<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem
############################################################<br>
rem END OF Recommended configuration<br>
rem
############################################################<br>
<br>
<br>
<br>
<br>
rem
############################################################<br>
rem Detailled information about the different command lines
follow<br>
rem
############################################################<br>
<br>
<br>
rem
############################################################<br>
rem ##################### no password
##########################<br>
rem
############################################################<br>
rem When the AdminWizard is prepared to be started in script<br>
rem mode, the login password is being stored in the registry as<br>
rem explained above. You can create a shortcut to start the<br>
rem AdminWizard without prompting for a login password.<br>
rem
############################################################<br>
rem SecuSurfAdminWizard.exe -dontaskforpassword<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ##################### TERMINATE
############################<br>
rem
############################################################<br>
rem Only one instance of SecuSurfAdminWizard may run at a time<br>
rem on one computer. In case an earlier instance did not<br>
rem terminate properly, all running instances can be closed<br>
rem using the -terminate switch.<br>
rem
############################################################<br>
rem start /w SecuSurfAdminWizard.exe -terminate<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -terminate<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ##################### IMPORT ONE FILE
######################<br>
rem
############################################################<br>
rem Import ONE new program into SecuSurfs database, no matter<br>
rem if this program is new or not. The file will not be
expanded<br>
rem (unpacked).<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -import
z:\Software\New-Version.exe<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ##################### IMPORT RECURSIVE
#####################<br>
rem
############################################################<br>
rem Import all programs from the given directory and all sub-<br>
rem directories into SecuSurfs database. The only difference to<br>
rem the -import command is that this command does not import<br>
rem ONE program, but ANY program fron the given directory and<br>
rem all subdirectories.<br>
rem<br>
rem Note:<br>
rem This command imports all programs WITHOUT expanding packed<br>
rem programs and regardless if the program may already have
been<br>
rem previously imported.<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -importdir z:\Software\<br>
<br>
<br>
rem
############################################################<br>
rem ################# IMPORT RECURSIVE AND EXPAND
##############<br>
rem
############################################################<br>
rem This command imports the contents of any directory and all<br>
rem subdirectories, unpacks (expands) any file which has been<br>
rem compressed with commonly used packing algorhythms and
import<br>
rem the content of the file. Recursive depth is 5.<br>
rem<br>
rem Note:<br>
rem This command will regard any file as new if the fileNAME
has<br>
rem been changed since the last time the command was used on
the<br>
rem same directory or if the filename has never been found in<br>
rem that directory before. Files which have been replaced by a<br>
rem new version but still have the same name will NOT be
imported.<br>
rem<br>
rem Note:<br>
rem The host on which the Admin-Wizard is being started with<br>
rem the -importexpand switch should _NOT_ have the
SecuSurf-Agent<br>
rem running because extracting files may require starting them,<br>
rem which will be blocked for new patches if the agent is
running!<br>
rem<br>
rem Note:<br>
rem During the very first run of this program no files are
added<br>
rem to SecuSurfs database. Any further execution of this
command<br>
rem will import all files that have been added since the last
time<br>
rem the command was run.<br>
rem<br>
rem Note:<br>
rem Supports unpacking CAB, EXE, ZIP, RAR, MSI and many more<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -importexpand
d:\deployment\content\<br>
<br>
<br>
rem
############################################################<br>
rem ##### IMPORT and EXPAND (unpack) ONE FILE (recursive)
######<br>
rem
############################################################<br>
rem This command will import one file, unpack (expand) it (if<br>
rem compressed with commonly used packing algorhythms) and
import<br>
rem the content of the file. Recursive depth is 5.<br>
rem<br>
rem Note:<br>
rem This command will process any given file even it was
imported<br>
rem before.<br>
rem<br>
rem Note:<br>
rem The host on which the Admin-Wizard is being started with<br>
rem the -importexpand switch should _NOT_ have the
SecuSurf-Agent<br>
rem running because extracting files may require starting them,<br>
rem which will be blocked for new patches if the agent is
running!<br>
rem<br>
rem Note:<br>
rem Supports unpacking CAB, EXE, ZIP, RAR, MSI and many more<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -importexpandfile
y:\download\setup.exe<br>
<br>
<br>
rem
############################################################<br>
rem ############ IMPORT and EXPAND all NEW files
###############<br>
rem
############################################################<br>
rem Periodically import the contents of a Software-Distribution<br>
rem directory which contains trusted software into SecuSurfs<br>
rem database. Start this whenever new software was stored.<br>
rem The command will look for changed files since the last run<br>
rem of this command on the same directory.The detection<br>
rem is based on the "Last Changed" date of the file.<br>
rem<br>
rem Note:<br>
rem The command does NOT look for file NAMES and will re-<br>
rem import a file with the same name if the contents of<br>
rem the file have changed.<br>
rem<br>
rem Note:<br>
rem During the very first run of this program no files are
added<br>
rem to SecuSurfs database. Any further execution of this
command<br>
rem will import all files that have changed since the last time<br>
rem the command was run.<br>
rem<br>
rem Note:<br>
rem Do not use this command to import WSUS updates since the<br>
rem WSUS cleanup wizard will touch all files and therefore mark<br>
rem them as NEW.<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -importifchanged
y:\SoftwareDistributionPath<br>
<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ##################### IMPORT WSUS
##########################<br>
rem
############################################################<br>
rem Periodically import the contents of the WsusContent
Directory<br>
rem or any other directory which contains trusted software<br>
rem into SecuSurfs database. Start this command 30 minutes
after<br>
rem your WSUS server has downloaded the latest patches from<br>
rem Microsoft. The command will look for unknown files, extract<br>
rem them and import them into SecuSurfs database.<br>
rem<br>
rem Because unpacking hotfix files for XP and Windows 2003 may<br>
rem require the execution of these files, it is recommended to<br>
rem run this script as administrator with high privileges and<br>
rem UAC turned off.<br>
rem<br>
rem Note:<br>
rem The command looks for unknown file NAMES and will not re-<br>
rem import a file with the same name even if the contents of<br>
rem the file have changed.<br>
rem<br>
rem Note:<br>
rem The host on which the Admin-Wizard is being started with<br>
rem the -wsus switch should _NOT_ have the SecuSurf-Agent<br>
rem running because extracting files requires starting them,<br>
rem which will be blocked for new patches if the agent is
running!<br>
rem<br>
rem Note:<br>
rem If your WSUS Server will provide patches for Windows Vista<br>
rem or later versions while your WSUS Server runs on Win2k3,
you<br>
rem will need a new version of EXPAND. See this link<br>
rem
http://technet.microsoft.com/en-us/library/cc722332(v=ws.10).aspx<br>

rem You may also run the command on an OS which includes a
version<br>
rem of expand.exe which is capable of IDC like Windows Vista
and<br>
rem later versions.<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -wsus d:\wsus\wsuscontent\<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ##################### RELOAD AD OBJECTS
####################<br>
rem
############################################################<br>
rem Update all users, groups and computers from the
ActiveDirectory<br>
rem into SecuSurf database.<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -updatead<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ################## DELETE OLD ENTRIES
######################<br>
rem
############################################################<br>
rem Removes entries from SecuSurfs database that have not been<br>
rem used for x days.<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -deleteoldentries 180<br>
<br>
<br>
rem
############################################################<br>
rem ################ DELETE OLD WSUS ENTRIES
###################<br>
rem
############################################################<br>
rem Removes WSUS entries from SecuSurfs database that have not<br>
rem been used for x days by any client.<br>
rem Depending on the configuration of the WSUS server, WSUS can<br>
rem import more than 100 new signatures every day. All these<br>
rem signatures can be safely deleted from the database after<br>
rem they have not been used by any client for 60 days to avoid<br>
rem an infinite increase of SecuSurfs database.<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -deleteoldwsusentries 60<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ####################### BACKUP&nbsp;
############################<br>
rem
############################################################<br>
rem Export RuleSet and AD_config for backup purposes<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -exportruleset
d:\backups\SecuSurf-Backup-%DATE%.ssf<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ######################## NOVELL
############################<br>
rem
############################################################<br>
rem Update all users, groups and computers from Novells
eDirectory<br>
rem into the SecuSurf database.<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -updatenovell<br>
<br>
<br>
rem
############################################################<br>
rem ################## CHALLENGE RESPONSE
######################<br>
rem
############################################################<br>
rem start the challenge-response dialogue while server is down<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -challengeresponse<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ##################### LERN MODES
###########################<br>
rem
############################################################<br>
rem set learnmode on from command line<br>
rem
############################################################<br>
rem<br>
rem start /w SecuSurfAdminWizard.exe -addlearnmode 0.0.0.0/0
0.0.0.0/0 60<br>
rem this will add a new learnmode, learning from all IPs, rules<br>
rem are valid for all IPs, learnmode will be on for 60 seconds<br>
rem<br>
rem will work with AD objects, too: $=user, /=host, &amp;=group<br>
rem<br>
rem start /w SecuSurfAdminWizard.exe -addlearnmode /host2 0.0.0.0/0
600<br>
rem will add a new learnmode that learn from the computer with<br>
rem the name host2 for 10 minutes.<br>
rem<br>
rem start /w SecuSurfAdminWizard.exe -addlearnmode 0.0.0.0/0
0.0.0.0/0 0<br>
rem this will set a learnmode to off<br>
rem
############################################################<br>
rem<br>
rem example: See description<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ##################### Debugging&nbsp;
###########################<br>
rem
############################################################<br>
rem turn Debug Mode on and off from command line<br>
rem
############################################################<br>
rem<br>
rem start /w SecuSurfAdminWizard.exe -turndebugmodeon<br>
rem This will turn on debugging, a debug.txt file will be
written<br>
rem to the users temp directory.<br>
rem<br>
rem start /w SecuSurfAdminWizard.exe -turndebugmodeoff<br>
rem This will turn off debugging.<br>
rem
############################################################<br>
rem<br>
rem example: See description<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ######################### REBOOT
###########################<br>
rem
############################################################<br>
rem reboot the SecuSurf Server<br>
rem
############################################################<br>
rem<br>
rem example<br>
rem start /w SecuSurfAdminWizard.exe -rebootserver<br>
<br>
<br>
rem
############################################################<br>
rem Description of exit codes follows.<br>
rem
############################################################<br>
<br>
echo.&amp;goto:eof<br>
<br>
<br>
:messageoutput<br>
if DEFINED logfile echo. %isodate% - %time%:
%~1&gt;&gt;%logfile%<br>
echo. %~1<br>
goto:eof<br>
<br>
:Errorreporting<br>
if %~1 EQU 0 call:messageoutput "Command completed
successfully."<br>
if %~1 EQU 1 call:messageoutput "Command NOT completed
successfully."<br>
if %~1 EQU 101 call:messageoutput "Error accessing the registry.
Does the user have enough rights? Is the password stored in the
registry?"<br>
if %~1 EQU 109 call:messageoutput "The password in the registry
seems to be wrong."<br>
if %~1 EQU 111 call:messageoutput "Another instance of the
AdminWizard is already running. Please use that instance
instead."<br>
if %~1 EQU 112 call:messageoutput "Could not get challenge
information from registry. Please use AdminWizard installation that
had a valid connection to the server before."<br>
if %~1 EQU 125 call:messageoutput "Not all servers available. To
avoid inconsistencies, the command has been aborted."<br>
if %~1 EQU 131 call:messageoutput "The server is in learn mode. The
command has been aborted."<br>
if %~1 EQU 163 call:messageoutput "An error has occured while
generating a new whitelist."<br>
if %~1 EQU 191 call:messageoutput "Server error: Server does not
accept new whitelists."<br>
if %~1 EQU 194 call:messageoutput "The server did not accept the
new whitelist. There is probably an inconsistency in the
whitelist."<br>
if %~1 EQU 195 call:messageoutput "The whitelist has been
activated, but at least one server did not get it. This may result
in an inconsistency of the servers databases."<br>
if %~1 EQU 501 call:messageoutput "Unknown command line
argument."<br>
if %~1 EQU 512 call:messageoutput "File not found."<br>
if %~1 EQU 513 call:messageoutput "File exists. Will not
override."<br>
if %~1 EQU 523 call:messageoutput "Directory not found."<br>
if %~1 EQU 551 call:messageoutput "Active directory update error.
Does the user have enough rights to access the AD?"<br>
goto:eof</span>
  </TD>
</TR>
</TABLE>
</BODY>
</HTML>
